Cleartext Password Exposure in IBM Tivoli Storage Products
CVE-2015-4949

Currently unrated

Key Information:

Vendor

IBM
Status
Tivoli Storage Manager For Databases Data Protection For Microsoft Sql Server
Tivoli Storage Manager For Mail Data Protection For Microsoft Exchange Server
Tivoli Storage Flashcopy Manager
Vendor
CVE Published:
23 August 2015

What is CVE-2015-4949?

IBM Tivoli Storage Manager products risk exposing sensitive information due to the inclusion of cleartext passwords in exception messages. This vulnerability allows attackers with physical access to obtain passwords displayed on GUI pop-up windows, potentially compromising systems and sensitive data. It affects various IBM products designed for database management and email protection, necessitating caution and immediate updates to mitigate exploitation risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www-01.ibm.com/support/docview.wss?uid=swg1IT03480
vendor-advisoryx_refsource_AIXAPAR
http://www-01.ibm.com/support/docview.wss?uid=swg21963630
x_refsource_CONFIRM
http://www.securitytracker.com/id/1033270
vdb-entryx_refsource_SECTRACK

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.